BOF report: defcon



Executive summary: pretty confused

So the basic idea here is pretty reasonable. Instead of having
a single perimeter firewall, have distributed firewalls, possibly
down to the machine level. The purpose of defcon is to define
mechanisms for controlling these firewalls.

That said, the meeting seemed pretty confused. The basic issue is that
there are really two things: (1) a protocol to carry the configuration
information and push it to the endpoint firewalls. (2) The data formats
for the configuration information itself.

There was a lot of discussion of whether or not (1) could be achieved
using some preexisting or generic configuration control protocol.
This was never clearly answered. In my view, that question needs
to be answered first. 

There was also the question of how much actual enthusiasm there
is for this work. I didn't see a lot of volunteers.

I don't have a problem with chartering this WG, but we would
need to have evaluating the above question the first charter
action item. We would also need a strong chair to keep the
discussion on track.